Solved

Yahoo/bellsouth.net reports my sender as a possible fraud/spoof following an on-premises Exchange to Office 365 Exchange Cutover Migration

Posted on 2016-11-10
3
38 Views
Last Modified: 2016-11-22
Recently completed an on-premises Exchange to Office 365 hosted Exchange cutover migration. Everything went as advertised and the company is using hosted Exchange without issues. The on-premises Exchange server has been shut down since the migration. The one issue I'm having: When someone sends an email from the company domain to one of the employees' PERSONAL bellsouth.net account, the bellsouth.net account holder gets the email, but then gets another email saying (see graphic): This sender failed our fraud detection checks and may not be who they appear to be. I reviewed the DNS records for the company domain and found a legacy SRV mail protection record and a mail A record related to the on-premises Exchange server, which I have since deleted. But even after a day or so allowing for propagation, the problem persists. Thoughts?
yahoo-emailerr.JPG
0
Comment
Question by:tcianflone
  • 2
3 Comments
 
LVL 14

Accepted Solution

by:
Schnell Solutions earned 500 total points
ID: 41882722
Hello,

You are going on the good track. Because the problem is really related to anti spam checks and revisions, I believe that it is what you just reconfigured correctly: The ID Filtering / SPF that are validated with the TXT record in your DNS zone.

Additionally, like you stated, it usually takes from 0 to 3 days. However, some anti spam solutions store information locally for some additional time.

Try to check if there is a process (usually it is done online), where you can contact the destination domain messaging administrators, and complete any additional action to take you out from possible block lists in 'their systems'.
0
 
LVL 1

Author Comment

by:tcianflone
ID: 41886906
So, it's been a week now and this is still happening. The DNS zone looks fine to me, like every other Office 365 hosted Exchange service I have ever set up. And bellsouth.net is the ONLY email service complaining about it. Can anyone provide a link to where I can report this to AT&T email admins? That company is so huge, I can't imagine actually finding the right place to report something like this.
0
 
LVL 14

Expert Comment

by:Schnell Solutions
ID: 41888062
You can start here...

http://rbl.att.net/block_inquiry.html

There are many links for many tasks, i.e. Tools for administrators or mail systems whose messages has been blocked.
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Suggested Solutions

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
This is Part 3 in a 3-part series on Experts Exchange to discuss error handling in VBA code written for Excel. Part 1 of this series discussed basic error handling code using VBA. http://www.experts-exchange.com/videos/1478/Excel-Error-Handlin…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now